| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 25 Nov 2004 13:40:56 -0800 From: Dragos Ruiu <dr@....net> To: Gadi Evron <ge@...uxbox.org>, Berend-Jan Wever <skylined@...p.tudelft.nl> Cc: full-disclosure@...ts.netsys.com, vuln-dev@...urityfocus.com, bugtraq@...urityfocus.com Subject: Re: Re: FIREFOX flaws: nested array sort() loop Stack overflow exception On November 25, 2004 07:51 am, Gadi Evron wrote: > > I'd have loved to CC mozilla about this, but I didn't have the time to do > > the crash course "how to write a bug report" and go through all that > > bugzilla crap. > > So instead you unleash it upon kiddie and spammer world? That's lovely. > Some people are advocates of this or that disclosure mechanism, and > believe they are right. I can bite. > You just say: "I'm so cool. I will release this, get a ton of attention > and then say 'hey! They violated GPL! How dare they?!'" He didn't have to release it... he could have sold it or any number of other things including just exploiting it quietly. We should stop shooting the messenger and say thanks to people who do other's debugging for free and for all our own good. my 2c, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Vancouver, Canada May 4-6 2005 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists